Navigate the New: Unpacking SonicOS 7.2.0

by Pradip Koli

New in SonicOS 7.2.0: Easier Authentication, Stronger Wi-Fi Security, and Smarter Time Syncing

SonicOS 7.2.0 introduces several dynamic features for stronger security and higher efficiency with your Gen 7 firewalls.

SonicOS 7.2.0 delivers the following key features:

  1. Security Assertion Markup Language (SAML)
  2. SonicOS – Network Time Protocol (NTP) Server
  3. WPA2/WPA3 (Wi-Fi Protected Access) - Enterprise Support on TZWs running in station mode
  4. Increased support for Domain Name System (DNS) proxy rules

SAML

SAML makes everyone’s life easy, be it an organization's end users, employees, the IT team or business owners. It simplifies authentication by allowing access to multiple apps with one set of credentials and reduces password fatigue. IT teams can centrally manage access, simplifying onboarding, offboarding and policy enforcement.

SonicOS 7.2.0 supports the following SAML Single Sign-On use cases:

  1. User identity
  2. Firewall Administration or Management Access
  3. Remote Access VPN (SSLVPN)

Learn more about SAML in our blog.

SonicOS – NTP Server

SonicWall firewalls can now double as an NTP server! This means an organization can designate the firewall-NTP server to act as the correct time source for other devices on a network segment. This allows all the devices on that segment to synchronize their clocks according to the NTP server’s time.

This feature is particularly useful in closed or small network deployments. In these environments, hosts and devices lack access to the internet or any external NTP sources. Since the firewall already functions as the gateway for these devices, no additional configurations or deployments are necessary for NTP synchronization. This feature is crucial for accurately logging and reporting events with consistent timestamps across distributed systems. The logs are stored in the Audit log section of the firewalls and are also accessible via Network Security Manager (NSM) for firewalls managed with NSM. This feature is also accessible via an API or CLI.

WPA2/WPA3-Enterprise Support on TZWs Running in Station Mode (STA)

On Gen 7 TZ wireless firewalls, the Radio Role can be set to STA (Wireless Station or Access Point & Station). Previously, you could choose from three authentication types: Open, WPA2-Auto-PSK and WPA3-PSK. With SonicOS 7.2.0, you can now use EAP authentication, which provides stronger security through authentication based on certificates and public-key cryptography.

Increase in DNS Proxy Rule Limit

The DNS proxy rule limit has been increased to 1024 across all firewall models. This allows customers to optimize the rules when using DNS proxy on VLAN interfaces.

To learn more, check out our FAQ; it has everything you need to know about SonicOS 7.2.0.

Use Cases and Business Outcomes

SAML

Enables secure Single Sign-On (SSO), allowing users to access multiple applications with a single login.

Use Case:

  1. Single Sign-On to streamline user identity authentication.
  2. Single Sign-On for Firewall Administrators to manage access.
  3. Single Sign-On for Remote Access VPN (SSL VPN) users.

Business Outcome:

  1. Streamlined management and administration processes for IT teams, allowing them to focus on other critical tasks. Decreased helpdesk calls related to password resets.
  2. Enhanced security as a centralized authentication mechanism reduces the risk of password-related breaches.
  3. Increased productivity through seamless access to multiple applications without repeated logins.

SonicOS – NTP Server

The ability for the firewall to act as an NTP server allows devices within a closed network or small network to synchronize their time settings efficiently.

Use Case: A reliable NTP source is vital in closed networks or critical environments like financial institutions and data centers. Using the firewall as an NTP server ensures all devices are synchronized, enhancing log integrity and regulatory compliance.

Business Outcome:

  1. Enhanced security postures by ensuring accurate logs for auditing and investigations.
  2. Sync the analytics and reporting server with the Firewall for accurate reporting.

WPA2/WPA3-Enterprise Support on TZWs Running in Station Mode

Use Case: Businesses can utilize TZWs as wireless clients (in station mode) to connect seamlessly with existing Access Points for WAN connectivity.

Business Outcome: Strong authentication methods can lead to better operational efficiency and reduced risks.

For more information on Gen 7, please check out the datasheet or reach out to our experts.

An Article By

Pradip Koli

Senior Product Manager
Pradip Koli is a Senior Product Manager at SonicWall. He has over nine years of experience in cybersecurity product management, technical solutions and customer experience. Before SonicWall, Pradip led teams of different sizes at Netskope, overseeing teams delivering and supporting SASE/SSE and cloud/network security solutions. Pradip joined SonicWall to enhance the Network and Access Security portfolio, focusing on developing Next-Generation Firewall (NGFW) and SonicWall Switch products.